<?php
App::uses('AppController', 'Controller');
/**
 * Users Controller
 *
 * @property User $User
 */
class UsersController extends AppController {

/**
 * index method
 *
 * @return void
 */
	public function index() {
		$this->User->recursive = 0;
		$this->set('users', $this->paginate());
	}

/**
 * view method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function view($id = null) {
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		$this->set('user', $this->User->read(null, $id));
	}

/**
 * add method
 *
 * @return void
 */
	public function add($codigo = null) {
		$this->set('codigo', $codigo);
		if ($this->request->is('post')) {
			$this->User->create();

			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash(__('The user has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
			}
		}
		$groups = $this->User->Group->find('list');
        $this->set(compact('groups'));
	}

/**
 * edit method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function edit($id = null) {
		
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		$groups = $this->User->Group->find('list');
		$this->set(compact('groups'));
		if ($this->request->is('post') || $this->request->is('put')) {
			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash(__('The user has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
			}
		} else {
			$this->request->data = $this->User->read(null, $id);
		}
	}

/**
 * delete method
 *
 * @throws MethodNotAllowedException
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function delete($id = null) {
		if (!$this->request->is('post')) {
			throw new MethodNotAllowedException();
		}
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		if ($this->User->delete()) {
			$this->Session->setFlash(__('User deleted'));
			$this->redirect(array('action' => 'index'));
		}
		$this->Session->setFlash(__('User was not deleted'));
		$this->redirect(array('action' => 'index'));
	}

/**
 * admin_index method
 *
 * @return void
 */
	public function admin_index() {
		$this->User->recursive = 0;
		$this->set('users', $this->paginate());
	}

/**
 * admin_view method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function admin_view($id = null) {
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		$this->set('user', $this->User->read(null, $id));
	}

/**
 * admin_add method
 *
 * @return void
 */
	public function admin_add() {
		if ($this->request->is('post')) {
			$this->User->create();
			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash(__('The user has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
			}
		}
	}

/**
 * admin_edit method
 *
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function admin_edit($id = null) {
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		if ($this->request->is('post') || $this->request->is('put')) {
			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash(__('The user has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
			}
		} else {
			$this->request->data = $this->User->read(null, $id);
		}
	}

/**
 * admin_delete method
 *
 * @throws MethodNotAllowedException
 * @throws NotFoundException
 * @param string $id
 * @return void
 */
	public function admin_delete($id = null) {
		if (!$this->request->is('post')) {
			throw new MethodNotAllowedException();
		}
		$this->User->id = $id;
		if (!$this->User->exists()) {
			throw new NotFoundException(__('Invalid user'));
		}
		if ($this->User->delete()) {
			$this->Session->setFlash(__('User deleted'));
			$this->redirect(array('action' => 'index'));
		}
		$this->Session->setFlash(__('User was not deleted'));
		$this->redirect(array('action' => 'index'));
	}
	
	
	
	private function LoadPermissions(){
		$user = $this->Auth->user();
		$userGroup = $this->User->Group->findById($user['group_id']);
		/*$aro = $this->Acl->Aro->find('first', array(
				'conditions' => array(
						'Aro.model' => 'Group',
						'Aro.foreign_key' => $this->_user['User']['group_id'],
				),
		));*/
		
		$aro = $this->Acl->Aro->find('first', array(
				'conditions' => array(
						'Aro.model' => 'Group',
						//'Aro.foreign_key' => $this->_user['User']['group_id'],
						'Aro.foreign_key' => $user['group_id'],
				),
		));
		
		$acos = $this->Acl->Aco->children();
		
		
		foreach($acos as $aco){
			$permission = $this->Acl->Aro->Permission->find('first', array(
					'conditions' => array(
							'Permission.aro_id' => $aro['Aro']['id'],
							'Permission.aco_id' => $aco['Aco']['id'],
					),
			));
			
			if(isset($permission['Permission']['id'])){
			
				
				if ($permission['Permission']['_create'] == 1 ||
						$permission['Permission']['_read'] == 1 ||
						$permission['Permission']['_update'] == 1 ||
						$permission['Permission']['_delete'] == 1) {
					$this->Session->write(
							'Auth.Permissions.'.$permission['Aco']['alias'],
							true
					);
					if(!empty($permission['Aco']['parent_id'])){
						$parentAco = $this->Acl->Aco->find('first', array(
								'conditions' => array(
										'id' => $permission['Aco']['parent_id']
								)
						));
						$this->Session->write(
								'Auth.Permissions.'.$parentAco['Aco']['alias'].'.'.$permission['Aco']['alias'],
								true
						);
					}
				}
			}
			
		}
	
	
	}
	
	
	
	
	public function Login() {
				
		if ($this->Session->read('Auth.User')) {
			$this->Session->setFlash('You are logged in!');
			$this->redirect(array('controller' => 'pages', 'action' => 'home'));
		}
	    if ($this->request->is('post')) {
	        if ($this->Auth->login()) {
	        	$this->LoadPermissions();
	            //$this->redirect($this->Auth->redirect());
	            $this->redirect(array('controller' => 'pages', 'action' => 'home'));
	        } else {
	            $this->Session->setFlash('Your username or password was incorrect.');
	        }
	    }
	}
	

	public function logout() {
		$this->Session->delete('Auth.Permissions');
	    $this->Session->setFlash('Good-Bye');
		$this->redirect($this->Auth->logout());
	   	$this->redirect('/');
	}
/*public function beforeFilter() {
    parent::beforeFilter();

    // For CakePHP 2.0
    $this->Auth->allow('*');

    // For CakePHP 2.1 and up
    $this->Auth->allow();
}*/
public function beforeFilter() {
	parent::beforeFilter();
	$this->Auth->allow('initDB'); // We can remove this line after we're finished
	$this->Auth->allow('index', 'view');
	
	
}

public function initDB() {
	$group = $this->User->Group;
	//$this->Acl->allow($group, 'controllers');
	
	
	//Permisos para Inspeccion inicial
	$group->id = 3;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/inspeccion_inicial');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');
	
	//Permisos para embandado
	$group->id = 4;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/pages/home');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/embandado');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');
	
	//Permisos para cocinado
	$group->id = 5;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/pages/home');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/cocinado');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');
	
	//Permisos para pulido
	$group->id = 6;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/pages/home');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/pulido');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');

	//Permisos para inspeccion final
	$group->id = 7;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/pages/home');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/inspeccion_final');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');

	//Permisos para cliente
	$group->id = 8;
	$this->Acl->deny($group, 'controllers');
	$this->Acl->allow($group, 'controllers/pages/home');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/index');
	$this->Acl->allow($group, 'controllers/ServiceOrderRows/view');
	$this->Acl->allow($group, 'controllers/Grid/serviceOrderRowGrid');
	$this->Acl->allow($group, 'controllers/users/logout');
	$this->Acl->allow($group, 'controllers/users/edit');


	echo "all done";
	exit;
}

}
